﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Data.SqlClient;

namespace 美妆产品管理系统
{
    class UserSerivce
    {
        public bool checkCustomer(string username,string pwd)
        {
            //pwd = GetMDHash,MD5(pwd);
            bool flag = false;
            DB.GetCn();
            string str = "select * from Customers where Customer_Name=@username and phome=@pwd";
            SqlCommand cmd = new SqlCommand(str, DB.cn);
            cmd.Parameters.AddWithValue("@username", username);
            cmd.Parameters.AddWithValue("@pwd", pwd);
            try
            {
                SqlDataReader rdr = cmd.ExecuteReader();
                if (rdr.Read())
                {
                    flag = true;
                    Login.Customers_ID = rdr[0].ToString();
                }
            }
            catch(SqlException ex)
            {
                throw;
            }
            finally
            {
                DB.cn.Close();
            }
            return flag;
        }

        public bool checkEmployee(string username,string pwd)
        {
            //pwd = GEtMD5Hash.MD5(pwd);
            bool flag = false;
            DB.GetCn();
            string str = "select * from Employee where employee_Name=@username and Telephone=@pwd";
            SqlCommand cmd = new SqlCommand(str, DB.cn);
            cmd.Parameters.AddWithValue("@username", username);
            cmd.Parameters.AddWithValue("@pwd", pwd);
            try
            {
                SqlDataReader rdr = cmd.ExecuteReader();
                if (rdr.Read())
                {
                    flag = true;
                    Login.Employee_ID = rdr[0].ToString();
                    if (rdr[9].ToString() == "D002")
                    {
                        Login.Dflag = true;
                    }
                    else
                    {
                        Login.Dflag = false;
                    }
                }
            }
            catch(SqlException ex)
            {
                throw;
            }
            finally
            {
                DB.cn.Close();
            }
            return flag;
        }

        public bool checkTuser(string username,string pwd,int keys)
        {
            bool flag = false;
            DB.GetCn();
            string str = "select * from Tuser where username=@username and keys=@keys";
            SqlCommand cmd = new SqlCommand(str, DB.cn);
            cmd.Parameters.AddWithValue("@username", username);
            cmd.Parameters.AddWithValue("@pwd", pwd);
            cmd.Parameters.AddWithValue("@keys", keys);
            try
            {
                SqlDataReader rdr = cmd.ExecuteReader();
                if (rdr.Read())
                {
                    flag = true;
                }
            }
            catch(SqlException ex)
            {
                throw;
            }
            finally
            {
                DB.cn.Close();
            }
            return flag;
        }
    }
}
